MCPcopy Index your code
hub / github.com/saltstack/salt / verify

Method verify

salt/crypt.py:429–448  ·  view source on GitHub ↗
(self, data, signature, algorithm=PKCS1v15_SHA1)

Source from the content-addressed store, hash-verified

427 raise UnsupportedAlgorithm(f"Unsupported algorithm: {algorithm}")
428
429 def verify(self, data, signature, algorithm=PKCS1v15_SHA1):
430 _padding = self.parse_padding_for_signing(algorithm)
431 _hash = self.parse_hash(algorithm)
432 if SHA1 in algorithm and fips_enabled():
433 # Verification with a SHA1-based algorithm is not allowed in FIPS
434 # mode. Return False rather than raise -- matches cryptography's
435 # historical "silent False" contract for unsupported algorithms.
436 return False
437 try:
438 self.key.verify(
439 salt.utils.stringutils.to_bytes(signature),
440 salt.utils.stringutils.to_bytes(data),
441 _padding(),
442 _hash(),
443 )
444 except cryptography.exceptions.InvalidSignature:
445 return False
446 except cryptography.exceptions.UnsupportedAlgorithm:
447 return False
448 return True
449
450 def decrypt(self, data):
451 pem = self.key.public_bytes(

Callers 3

_returnMethod · 0.45
verify_signatureFunction · 0.45

Calls 3

fips_enabledFunction · 0.85
parse_hashMethod · 0.80

Tested by

no test coverage detected